minoan-swarm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly requires teammate prompts to prefer Firecrawl for web fetching and Exa for web searching (see "Step 5: Write teammate prompts" and the "Tool Preferences" sections, including the example "firecrawl scrape URL --only-main-content"), so agents are expected to fetch and interpret arbitrary public web/search content (e.g., webpages, GitHub results, news) which is untrusted user-generated content that can materially influence tool actions and decisions.